https://docs.mongodb.com/ruby-driver/master/tutorials/ruby-driver-create-client/#uri-options-conversions maps tlsCertificateKeyFile to two Ruby options: ssl_cert and ssl_key. In the code, only the ssl_cert mapping exists (ssl_key is never set). In my testing, setting ssl_cert without setting ssl_key makes the context aware of the certificate but the certificate is never sent to the remote end over the wire, thus resulting in the server declining the connection (closing it with a log message, driver gets an EOFError) due to missing client certificate.

It is still possible to connect to server via TLS but doing so requires configuring the server to allow missing certificates (https://github.com/mongodb/mongo-ruby-driver/tree/master/spec#tls-without-verification).

If the current URI options are sufficient to configure TLS connections with verification, this needs to be tested in the test suite and documented. Alternatively https://jira.mongodb.org/browse/SPEC-1251?filter=25987 needs to be done to add a URI option for specifying the private key separately from the certificate.